This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

geoblocking & email best practices

Hello,

Recently one supplier's reply email was geoblocked at the firewall and through my own ignorance and inexperience haven't yet fully resolved it in a manner that seems elegant and secure.

Question:

Is it typical to have 2 geoblock exceptions entries for smtp services (one for each direction, eg to and from Ireland)

  • is it typical for enterprises to have Rx email server in North America and the Tx email server in Europe? How should the UTM be configured for this?

Should the UTM permit ALL port 25 traffic through the firewall and let the smtp proxy sort out the chaff from the wheat?

 

It makes sense to me that I should be able to email to almost any IP in the world and receive the same, I just unsure how to configure the UTM effectively.

I know the Firewall acts first, so it seems likely I could be dropping legitimate emails without knowledge (short of trawling through logs).

I am just looking to be safe and sensible with emails, I don't care so much about webtraffic, I can handle the bleating from the users about their favourite website not working, but not about their emails.

I have no test environment so I am loath to poke about too much.

Cheers



This thread was automatically locked due to age.
Parents
  • As you're new to WebAdmin and the UTM, you will want to refer to Rulz - especially #2 in this case as you don't want any firewall rules to do this.  Also see Doug Foster's take on some of this: READ ME FIRST: UTM Architecture.

    In Country Blocking, I generally only block traffic initiated From a county, not All or To.  Then, on the 'Country Blocking Exceptions' tab, make an Exception for ports 25, 465 and 587:

    Any better luck now?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • As you're new to WebAdmin and the UTM, you will want to refer to Rulz - especially #2 in this case as you don't want any firewall rules to do this.  Also see Doug Foster's take on some of this: READ ME FIRST: UTM Architecture.

    In Country Blocking, I generally only block traffic initiated From a county, not All or To.  Then, on the 'Country Blocking Exceptions' tab, make an Exception for ports 25, 465 and 587:

    Any better luck now?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children